What is CVE-2026-2607?

CVE-2026-2607 is a medium-severity vulnerability in Ibm Mq Operator, classified under Insertion of Sensitive Information into Log File. CVSS score: 5.1/10. Published 2026-05-27.

How severe is CVE-2026-2607?

Medium severity. CVSS v3 base score is 5.1 out of 10.

Information disclosure in Ibm Mq Operator

CVE-2026-2607

IBM MQ Operator SC2: v3.2.0 through 3.2.23CD: v3.3.0, v3.4.0, v3.4.1, v3.5.0, v3.5.1 - v3.5.3, v3.6.0 - v3.6.4, v3.7.0 - v3.7.2, v3.8.0, v3.8.1, v3.9.0, v3.9.1LTS: v2.0.0 - 2.0.29 and IBM supplied MQ Advanced container images SC2: 9.4.0.6…

EPSS: 0.000 (3.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.1 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Ibm Mq Operator — versions SC2: v3.2.0
Ibm Supplied Mq Advanced Container Images — versions SC2: 9.4.0.6

Weakness classification (CWE)

CWE-532 — Insertion of Sensitive Information into Log File

References

psirt@us.ibm.com (vendor-advisory, patch)

Frequently asked questions

What is CVE-2026-2607?: CVE-2026-2607 is a medium-severity vulnerability in Ibm Mq Operator, classified under Insertion of Sensitive Information into Log File. CVSS score: 5.1/10. Published 2026-05-27.
How severe is CVE-2026-2607?: Medium severity. CVSS v3 base score is 5.1 out of 10.